Mozilla adds vulnerable Java plug-in versions to Firefox blocklist

IDG News Service staff |
April 4, 2012

The story, "Mozilla adds vulnerable Java plug-in versions to Firefox blocklist," which posted to the wire Tuesday, gave incorrect days for two separate blog posts mentioned in the second and last paragraphs. Those paragraphs have been corrected and now read, in order:

The story, "Mozilla adds vulnerable Java plug-in versions to Firefox blocklist," which posted to the wire Tuesday, gave incorrect days for two separate blog posts mentioned in the second and last paragraphs. Those paragraphs have been corrected and now read, in order:

"The February 2012 update to the Java Development Kit (JDK) and Java Runtime Environment (JRE) included a patch to correct a critical vulnerability that can permit the loading of arbitrary code on an end-user's computer," said Mozilla's channel manager Kev Needham in a blog post Monday.

On Monday, security researchers from F-Secure announced that new Web-based attacks are exploiting a vulnerability in the latest Java version for Mac OS in order to install malware. Preventing those attacks from affecting Firefox users would mean blacklisting the latest version of the Java plug-in for Mac, which would leave them without the ability to use Java applications in Firefox.